
Submission + - LAION-5B Dataset Removed After Discovery of Child Sexual Abuse Material (404media.co)

samleecole writes: The LAION-5B machine learning dataset used by Google, Stable Diffusion, and other major AI products has been removed by the organization that created it after a Stanford study found that it contained 3,226 suspected instances of child sexual abuse material, 1,008 of which were externally validated.

LAION told 404 Media on Tuesday that out of “an abundance of caution,” it was taking down its datasets temporarily “to ensure they are safe before republishing them.”

According to a new study by the Stanford Internet Observatory shared with 404 Media ahead of publication, the researchers found the suspected instances of CSAM through a combination of perceptual and cryptographic hash-based detection and analysis of the images themselves.

“We find that having possession of a LAION5B dataset populated even in late 2023 implies the possession of thousands of illegal images—not including all of the intimate imagery published and gathered nonconsensually, the legality of which is more variable by jurisdiction,” the paper says. “While the amount of CSAM present does not necessarily indicate that the presence of CSAM drastically influences the output of the model above and beyond the model’s ability to combine the concepts of sexual activity and children, it likely does still exert influence. The presence of repeated identical instances of CSAM is also problematic, particularly due to its reinforcement of images of specific victims.”

The finding highlights the danger of largely indiscriminate scraping of the internet for the purposes of generative artificial intelligence.

Submission + - Attack discovered against SSH (arstechnica.com)

jd writes: Ars Technica is reporting a newly-discovered man-in-the-middle attack against SSH. This only works if you are using "ChaCha20-Poly1305" or "CBC with Encrypt-then-MAC", so it isn't a universal flaw. The CVE numbers for this vulnerability are CVE-2023-48795, CVE-2023-46445, and CVE-2023-46446.

From TFA:

At its core, Terrapin works by altering or corrupting information transmitted in the SSH data stream during the handshake—the earliest stage of a connection, when the two parties negotiate the encryption parameters they will use to establish a secure connection. The attack targets the BPP, short for Binary Packet Protocol, which is designed to ensure that adversaries with an active position can't add or drop messages exchanged during the handshake. Terrapin relies on prefix truncation, a class of attack that removes specific messages at the very beginning of a data stream.

The Terrapin attack is a novel cryptographic attack targeting the integrity of the SSH protocol, the first-ever practical attack of its kind, and one of the very few attacks against SSH at all. The attack exploits weaknesses in the specification of SSH paired with widespread algorithms, namely ChaCha20-Poly1305 and CBC-EtM, to remove an arbitrary number of protected messages at the beginning of the secure channel, thus breaking integrity. In practice, the attack can be used to impede the negotiation of certain security-relevant protocol extensions. Moreover, Terrapin enables more advanced exploitation techniques when combined with particular implementation flaws, leading to a total loss of confidentiality and integrity in the worst case.

Submission + - Blue Origin's Suborbital Rocket Flies For First Time In 15 Months (arstechnica.com)

An anonymous reader writes: With redesigned engine components, Blue Origin's New Shepard rocket took off from West Texas and flew to the edge of space on Tuesday with a package of scientific research and technology demonstration experiments. This was the first flight of Blue Origin's 60-foot-tall (18-meter) New Shepard rocket since September 12, 2022, when an engine failure destroyed the booster and triggered an in-flight abort for the vehicle's pressurized capsule. There were no passengers aboard for that mission, and the capsule safely separated from the failed booster and parachuted to a controlled landing.

The flight on Tuesday also didn't carry people. Instead, Blue Origin, Jeff Bezos's space company, lofted 33 payloads from NASA, research institutions, and commercial companies. Some of these payloads were flown again on Tuesday's launch after failing to reach space on the failed New Shepard mission last year. Among these payloads were an experiment to demonstrate hydrogen fuel cell technology in microgravity and an investigation studying the strength of planetary soils under different gravity conditions. Blue Origin's capsule, mounted on top of the rocket, also flew 38,000 postcards submitted by students through Club for the Future, the company's nonprofit.

For Tuesday's return-to-flight mission, the New Shepard rocket ignited its BE-3PM engine and climbed away from Blue Origin's remote launch site near Van Horn, Texas, at 10:42 am CST (16:42 UTC). The hydrogen-fueled engine fired for more than two minutes, then shut down as scheduled as the rocket continued coasting upward, reaching an altitude of more than 347,000 feet (106 kilometers). The booster returned for a precision propulsive landing a short distance from the launch pad, and Blue Origin's capsule deployed three parachutes to settle onto the desert floor, completing a 10-minute up-and-down flight. Blue Origin has launched 24 missions with its reusable New Shepard rocket, including six flights carrying people just over the Kármán line, the internationally recognized boundary of space 100 kilometers above Earth.

Submission + - TomTom Creates AI-Based Conversational Assistant For Vehicles With Microsoft (reuters.com)

An anonymous reader writes: Digital mapping specialist TomTom said on Tuesday it has partnered with tech giant Microsoft to create an artificial intelligence (AI)-powered conversational assistant for vehicles. The assistant will allow users to "converse naturally with their vehicles" and enable voice interaction with infotainment, location search, and vehicle command systems, the company said.

TomTom, which competes with Google Maps and the world's biggest mapping platform HERE, used various Microsoft services like its Azure OpenAI Service to create the voice assistant. The Microsoft Azure OpenAI Service allows enterprises to leverage ChatGPT maker OpenAI's large language models (LLM). The voice assistant can be integrated into other automotive infotainment systems and is also built into TomTom's Digital Cockpit, an open, modular in-vehicle infotainment platform, the Dutch map maker said. The company began working with Microsoft in 2016, when it first started powering Azure Maps location services.

Submission + - Meta's News Ban In Canada Remains As Online News Act Goes Into Effect (bbc.com)

An anonymous reader writes: A bill that mandates tech giants pay news outlets for their content has come into effect in Canada amid an ongoing dispute with Facebook and Instagram owner Meta over the law. Some have hailed it as a game-changer that sets out a permanent framework that will see a steady drip of funds from wealthy tech companies to Canada's struggling journalism industry. But it has also been met with resistance by Google and Meta — the only two companies big enough to be encompassed by the law. In response, over the summer, Meta blocked access to news on Facebook and Instagram for Canadians. Google looked set to follow, but after months of talks, the federal government was able to negotiate a deal with the search giant as the company has agreed to pay Canadian news outlets $75 million annually.

No such agreement appears to be on the horizon with Meta, which has called the law "fundamentally flawed." If Meta is refusing to budge, so is the government. "We will continue to push Meta, that makes billions of dollars in profits, even though it is refusing to invest in the journalistic rigor and stability of the media," Prime Minister Justin Trudeau told reporters on Friday.

Submission + - Microsoft releases software to remove unwanted HP printer software (arstechnica.com)

UnknowingFool writes: Microsoft has released a new software tool to remove printer software from HP that was installed without user permission or system need. A few weeks ago, users noticed that Windows update installed HP printer software even if they did not have HP printers or printers at all. Affecting Windows 10 and 11, consumers reported that this update sometimes caused problems as it could rename their non-HP printers as HP printers causing some printing features to be inaccessible. Microsoft has not disclosed the root cause of the issue.

Submission + - UK court: Craig Wright cannot copyright Bitcoin file format (decrypt.co)

UnknowingFool writes: UK Judge James Mellor has thrown out Craig Wright's cases against Bitcoin derivatives like Bitcoin Cash as Wright cannot claim copyright on the Bitcoin file format. Wright had sued forks of Bitcoin claiming they breached his copyrights to prevent them from operating. The judge disagreed noting that Wright had failed to meet a requirement of copyright called "fixation" detailing where/when/how the original expression was first recorded somewhere in any media.

“Whilst I accept that the law of copyright will continue to face challenges with new digital technologies, I do not see any prospect of the law as currently stated and understood in the caselaw allowing copyright protection of subject-matter which is not expressed or fixed anywhere,” wrote Judge Mellor.

In other words, Wright has failed to show any evidence that he wrote down the file format somewhere to claim that he created the file format. This is not the first time Wright has failed to produce credible evidence in a court case: in an Oslo, Norway case last year Wright claimed he destroyed a hard drive in 2016 containing the Nakamoto original keys despite telling a US court in 2020 that he was waiting on the same keys to be delivered by a special courier. Those keys were later ruled to be fictitious.

Submission + - Lucid Dying: Patients Recall Near-Death Experiences During CPR

InfiniteZero writes: A new study shows that around one in five people who survive cardiopulmonary resuscitation (CPR) after cardiac arrest describe lucid experiences of death that occurred while they were seemingly unconscious and on the brink of death.

Survivors reported having unique lucid experiences, including a perception of separation from the body and observing events without pain or distress. They also reported a meaningful evaluation of life, including of their actions, intentions, and thoughts toward others. The researchers found these experiences of death to be different from hallucinations, dreams, delusions, illusions, or CPR-induced consciousness.

Tests for hidden brain activity were also included in the research. A key finding was the discovery of spikes of brain activity, including so-called gamma, delta, theta, alpha, and beta waves up to an hour into CPR. Some of these brain waves normally occur when people are conscious and performing higher mental functions, including thinking, memory retrieval, and conscious perception.

Submission + - SPAM: Tesla's virtual power plant had its first event helping the grid

Klaxton writes: Last year, Tesla launched a VPP pilot program in California, where Powerwall owners would join in voluntarily without compensation to let the VPP pull power from their battery packs when the grid needed it.

Following the pilot program, Tesla and PG&E, the electric utility covering Northern California, launched the first official virtual power plant through the Tesla app in June.

This new version of the Tesla Virtual Power Plant actually compensates Powerwall owners $2 per kWh that they contribute to the grid during emergency load reduction events. Homeowners are expected to get between $10 and $60 per event.

The Tesla VPP had its first emergency response event. Tesla reached out to Powerwall owners who opted in the program through its app yesterday to warn them of the event and give them the option to opt-out if they needed all the power from their Powerwalls today.

It looks like 2,342 Powerwall owners participated in the event on the PG&E network and 268 homes on the SCE grid.

For PG&E, Tesla’s VPP was outputting as much as 16 MW of power at one point during the event – acting as a small distributed power plant.


Submission + - Retrofitting Temporal Memory Safety in C++ (googleblog.com)

Hari Pota writes: From the Google Online Security Blog.

"Temporal memory safety refers to the problem of guaranteeing that memory is always accessed with the most up to date information of its structure, its type. C++ unfortunately does not provide such guarantees. While there is appetite for different languages than C++ with stronger memory safety guarantees, large codebases such as Chromium will use C++ for the foreseeable future."

Submission + - How Did Open Source Get Broken? (dev.to)

frank_adrian314159 writes: By now, most of the internet knows about the famous Log4Shell exploit, and if you don't, it's easy to get a sense of how disastrous it's been. To drive the point home: the US Department of Homeland Security is warning people about it.

There's been a lot of hand-wringing about how open source software, the lifeblood of many businesses today, is often totally unpaid and unthanked work, with some hot takes like 'Open source needs to grow the hell up.' and 'Open source' is broken.

What I want to touch on is something that's been bothering me for the past few days, and solidified after seeing Bloomberg's piece–the fact that the log4j developers had this massive security issue dumped in their laps, with the expectation that they were supposed to fix it. How did that happen? How did a group of smart, hard-working people get roped into a thankless, high-pressure situation with absolutely no upside for themselves? ...

It is this communal mythology I want to talk about, this great open source brainwashing that makes maintainers feel like they need to go above and beyond publishing source code under an open source license–that they need to manage and grow a community, accept contributions, fix issues, follow vulnerability disclosure best practices, and many other things. ...

In reality what is happening, is that open source maintainers are effectively unpaid outsourcing teams for giant corporations. The [engineer who reported the issue] told the log4j team: 'Please hurry up'

Submission + - DARPA Funded Researchers Accidentally Create the World's First Warp Bubble (thedebrief.org)

Reeses writes: The Debrief just reported that DARPA just "accidentally" created the world's first warp bubble. From the article:

Warp drive pioneer and former NASA warp drive specialist Dr. Harold G “Sonny” White has reported the successful manifestation of an actual, real-world “Warp Bubble.” And, according to White, this first of its kind breakthrough by his Limitless Space Institute (LSI) team sets a new starting point for those trying to manufacture a full-sized, warp-capable spacecraft.

There's also a video of the announcement, The Very First Warp-Bubble Created by DARPA Funded Team.

Submission + - Missouri was to thank "hacker" journalist before Governor accused him of crimes (arstechnica.com)

UnknowingFool writes: Two days before Missouri governor Michael Parson (R) accused a newspaper reporter, Josh Renaud, of "hacking" for reporting about a fixed flaw in a state website, the state government of Missouri was planning to publicly thank Renaud for alerting them of the flaw, emails show in a public records request. Two days later, however, the Governor publicly accused Renaud of crimes. Also in the request, emails show that a day before the article was published the state's cybersecurity specialist informed other state officials that "[FBI Agent] Kyler [Storm] after reading the emails from the reporter that this incident is not an actual network intrusion".

St Louis Dispatch reporter, Josh Renaud, had discovered that the state's website was exposing the Social Security Numbers of teachers and other school employees in the HTML code of the state's site. He informed the state who fixed the flaw, and he delayed publishing the article until after the flaw was fixed. The article was published on October 14. The same day, Governor Parson accused Renaud of cyber crimes. A week later, Parson doubled down after criticism.
